Thursday, April 18, 2024

Russian Hacker Sentenced to 12 years in Prison for his Role in an International Hacking Campaign

The Acting United States Attorney for the Southern District of New York, Audrey Strauss, announced that “Andrei Tyurin,” a Russian Hacker was sentenced in Manhattan federal court to 144 months in prison for computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses in connection with his involvement in a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other American companies.

An insight into the incident

Andrei Tyurin was accused of being the mastermind of the organization that targeted the US financial institution from 2012 to mid of 2015.

His major role in orchestrating and facilitating an international hacking campaign that included one of the largest thefts of U.S. customer data from a single financial institution in history, stealing the personal information of more than 80 million J.P. Morgan Chase customers.

“The conspiracy targeted major financial institutions, brokerage firms, news agencies, and other companies, and netted Tyurin over $19 million in criminal proceeds”, says the Acting U.S. Attorney Audrey Strauss.

Tyurin was responsible for the theft of personal information of over 100 million customers of the victim companies such as J.P. Morgan Chase Bank, E*Trade, Scottrade, and the Wall Street Journal.

In one such instance of security fraud, Tyurin collaborated with his partner Gery to artificially inflate the price of certain stocks publicly traded in the U.S., by marketing the stocks deceptively and misleadingly to customers of the targeted companies whose contact information was stolen during the intrusions.

The hacker also carried out cyberattacks against several U.S. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.

His hacking activity included the targeting of companies known to be used for email marketing campaigns, competitor online casinos, and a merchant risk intelligence firm based in the United States, in order for the co-conspirators to monitor the firm’s efforts to audit potentially criminal online credit card transactions on behalf of major credit card networks, and thus avoid detection of their criminal schemes.

He used computer infrastructure located across five continents, which he controlled from his home in Moscow, and maintained persistent access over an extended time to the victims’ networks, regularly refreshing the stolen data by frequently downloading information from these companies.

Once his hacking activities were detected, TYURIN worked with Shalon to destroy the evidence of their criminal activity and undermine U.S. law enforcement’s efforts to identify and arrest them.

“TYURIN, Shalon, and their co-conspirators obtained hundreds of millions of dollars in illicit proceeds, and TYURIN himself earned over $19 million in profits from his hacking activity”, reads the press release published by the DoJ.

The Justice Department said Tyurin has been ordered to forfeit over $19 million, with a court hearing on his restitution obligations scheduled for April 6.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Also Read

Russian Hackers Breached US govt, FireEye in a Supply Chain Attack

FBI, CISA, ODNI, and NSA Says Russian Threat Actors Behind SolarWinds Hack


Latest articles

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)

In the wake of the recent disclosure of a critical vulnerability (CVE-2024-3400) affecting a...

Cerber Linux Ransomware Exploits Atlassian Servers to Take Full Control

Security researchers at Cado Security Labs have uncovered a new variant of the Cerber...

FGVulDet – New Vulnerability Detector to Analyze Source Code

Detecting source code vulnerabilities aims to protect software systems from attacks by identifying inherent...

North Korean Hackers Abuse DMARC To Legitimize Their Emails

DMARC is targeted by hackers as this serves to act as a preventative measure...

L00KUPRU Ransomware Attackers discovered in the wild

A new variant of the Xorist ransomware, dubbed L00KUPRU, has been discovered in the...

Oracle Releases Biggest Security Update in 2024 – 372 Vulnerabilities Are Fixed – Update Now!

Oracle has released its April 2024 Critical Patch Update (CPU), addressing 372 security vulnerabilities...

Outlook Login Panel Themed Phishing Attack Evaded All Antivirus Detections

Cybersecurity researchers have uncovered a new phishing attack that has bypassed all antivirus detections.The...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles